Modeling aviation baggage screening security systems: a case study

Aviation security protects vital national interests, as well as passengers and aircraft. Key components of an aviation security system include baggage and passenger screening devices and operations. Determining how and where to assign (deploy) such devices can be quite challenging. Moreover, even after such systems are in place, it can be difficult to measure their effectiveness. This paper describes how discrete optimization models can be used to address these questions, based on three performance measures that quantify the effectiveness of airport baggage screening security device systems. These models are used to solve for optimal airport baggage screening security device deployments considering the number of passengers on a set of flights who have not been cleared using a security risk assessment system in use by the Federal Aviation Administration (i.e., passengers whose baggage is subjected to screening), the number of flights in this set, and the size of the aircraft for such flights. Several examples are provided to illustrate these results, including an example that uses data available from the Official Airline Guide.     

Integer programming models and analysis for a multilevel passenger screening problem

Designing effective aviation security systems has become a problem of national interest and concern. Passenger prescreening is an important component of aviation security. Effectively using passenger prescreening information to develop screening strategies can be quite challenging. Moreover, it can be difficult to measure the effectiveness of such systems after they are in place. To address these issues, this paper introduces the Multilevel Passenger Screening Problem (MPSP). In MPSP, a set of classes are available for screening passengers, each of which corresponds to several device types for passenger screening, where each device type has an associated capacity and passengers are differentiated by their perceived risk levels. The objective of MPSP is to use prescreening information to determine the passenger assignments that maximize the total security subject to capacity and assignment constraints. MPSP is illustrated with examples that incorporate flight schedule and passenger volume data extracted from the Official Airline Guide.     

Estimating Security Risk of Healthcare Web Applications: A Design Perspective

In the recent years, the booming web-based applications have attracted the hackers’ community. The security risk of the web-based hospital management system (WBHMS) has been increasing rapidly. In the given context, the main goal of all security professionals and website developers is to maintain security divisions and improve on the user’s confidence and satisfaction. At this point, the different WBHMS tackle different types of security risks. In WBHMS, the security of the patients’ medical information is of utmost importance. All in all, there is an inherent security risk of data and assets in the field of the medical industry as a whole. The objective of this study is to estimate the security risk assessment of WBHMS. The risks assessment pertains to securing the integrity of the information in alignment with the Health Insurance Portability and Accountability Act. This includes protecting the relevant financial records, as well as the identification, evaluation, and prevention of a data breach. In the past few years, according to the US-based cyber-security firm Fire-eye, 6.8 million data thefts have been recorded in the healthcare sector in India. The breach barometer report mentions that in the year 2019, the data breaches found were up to 48.6% as compared to the year 2018. Therefore, it is very important to assess the security risk in WBHMS. In this research, we have followed the hybrid technique fuzzy analytic hierarchy process-technique for order of preference by similarity to ideal solution (F-AHPTOPSIS) approach to assess the security risk in WBHMS. The place of this empirical database is at the local hospital of Varanasi, U.P., India. Given the affectability of WBHMS for its board framework, this work has used diverse types of web applications. The outcomes obtained and the procedure used in this assessment would support future researchers and specialists in organizing web applications through advanced support of safety and security.     

Process-oriented risk assessment methodology for manufacturing process evaluation

A process-oriented quantitative risk assessment methodology is proposed to evaluate risk associated with processes using modelling, simulation and decision-making approaches. For this purpose, risks involved in a process and the corresponding risk factors are identified through an objective-oriented risk identification approach. The identified risks are first analysed qualitatively in the failure mode effect and critical analysis process and then evaluated quantitatively in a simulation environment employing a process-based risk measurement model. To ease the decision-making process in case of multiple but heterogeneous risk measures, a global risk indicator is developed using the normalisation and aggregation techniques of the decision theory. Using the proposed methodology as a decision-making tool, alternative manufacturing scenarios (i.e. manufacturing process plans) are developed and ranked on the basis of desirability. Although the methodology is illustrated with a case study issued from the part manufacturing, it is also applicable to a wide range of other processes.     

Security risk assessment: Applying the concepts of fuzzy logic

Chemical process industries (CPI) handling hazardous chemicals in bulk can be attractive targets for deliberate adversarial actions by terrorists, criminals and disgruntled employees. It is therefore imperative to have comprehensive security risk management programme including effective security risk assessment techniques. In an earlier work, it has been shown that security risk assessment can be done by conducting threat and vulnerability analysis or by developing Security Risk Factor Table (SRFT). HAZOP type vulnerability assessment sheets can be developed that are scenario based. In SRFT model, important security risk bearing factors such as location, ownership, visibility, inventory, etc., have been used. In this paper, the earlier developed SRFT model has been modified using the concepts of fuzzy logic. In the modified SRFT model, two linguistic fuzzy scales (three-point and four-point) are devised based on trapezoidal fuzzy numbers. Human subjectivity of different experts associated with previous SRFT model is tackled by mapping their scores to the newly devised fuzzy scale. Finally, the fuzzy score thus obtained is defuzzyfied to get the results. A test case of a refinery is used to explain the method and compared with the earlier work.     

网络考试系统中数据加密技术的研究与实现

基于Internet的远程教育与考试系统是当前快速发展的前沿研究领域。本文介绍了作者在全国第一个注册建筑师网络考试系统中所应用的网络安全与加密技术。本研究设计了独特的加密协议,实现了密钥分配和用户身份验证为一体的加密体制,保证了此网络考试系统的可行性和安全性。     

The impact of aviation checkpoint queues on optimizing security screening effectiveness

Passenger screening at aviation security checkpoints is a critical component in protecting airports and aircraft from terrorist threats. Recent developments in screening device technology have increased the ability to detect these threats; however, the average amount of time it takes to screen a passenger still remains a concern. This paper models the queueing process for a multi-level airport checkpoint security system, where multiple security classes are formed through subsets of specialized screening devices. An optimal static assignment policy is obtained which minimizes the steady-state expected amount of time a passenger spends in the security system. Then, an optimal dynamic assignment policy is obtained through a transient analysis that balances the expected number of true alarms with the expected amount of time a passenger spends in the security system. Performance of a two-class system is compared to that of a selective security system containing primary and secondary levels of screening. The key contribution is that the resulting optimal assignment policies increase security and passenger throughput by efficiently and effectively utilizing available screening resources.     

Hesitant Fuzzy-Sets Based Decision-Making Model for Security Risk Assessment

Security is an important component in the process of developing healthcare web applications. We need to ensure security maintenance; therefore the analysis of healthcare web application's security risk is of utmost importance. Properties must be considered to minimise the security risk. Additionally, security risk management activities are revised, prepared, implemented, tracked, and regularly set up efficiently to design the security of healthcare web applications. Managing the security risk of a healthcare web application must be considered as the key component. Security is, in specific, seen as an add-on during the development process of healthcare web applications, but not as the key problem. Researchers must ensure that security is taken into account right from the earlier developmental stages of the healthcare web application. In this row, the authors of this study have used the hesitant fuzzy-based AHP-TOPSIS technique to estimate the risks of various healthcare web applications for improving security-durability. This approach would help to design and incorporate security features in healthcare web applications that would be able to battle threats on their own, and not depend solely on the external security of healthcare web applications. Furthermore, in terms of healthcare web application's security-durability, the security risk variable is measured, and vice versa. Hence, the findings of our study will also be useful in improving the durability of several web applications in healthcare.     

塑料导爆管生产安全性探讨

文章通过对塑料导爆管生产过程中安全事故原因的分析,确定了生产过程中的危险源。根据一系列试验结果,提出了下药装置安全防护方案,并提出了机头堵药安全连锁自动控制及在线药量显示系统,是导爆管生产的本质化安全、自动化的发展方向。     

面向航空项目的风险识别技术研究

风险识别是项目风险管理的关键技术之一,直接影响风险管理中的风险估测、风险评价和选择风险应对措施等技术。分析了航空项目风险的主要来源;结合我国航空项目管理中风险识别的特点,运用核对表并改进鱼刺图对航空项目进行风险识别;提出了面向航空项目的风险识别新技术——现象一因子模型。本技术为航空项目高效、准确地识别项目风险奠定了基础。同时,分析了风险识别技术在航空项目风险管理中的具体应用,初步解决了航空项目中的风险识别问题。     

Exploring a cobot risk assessment approach combining FMEA and PRAT

Collaborative robots are an emerging technology falling within the scope of Industry 4.0 and based on the concept of Human-Robot Collaboration (HRC). Unlike traditional industrial robots, collaborative robots are used in shared workspaces with no safety fences. Hence, prospective hazardous contacts need to be avoided or mitigated through a risk assessment. The normative standards such as ISO TS 15066 suggest a list of common hazards, but do not guide the robot system user through the risk assessment process. To address this shortcoming, this paper proposes a practical eight steps risk assessment approach, resulting in a risk priority list. In order to provide an accurate, practical, quantitative and supportive tool for HRC environments, the Failure Mode and Effects Analysis (FMEA) and the Proportional Risk Assessment technique (PRAT) techniques are proposed for risk assessment. The two techniques mentioned above are combined in the suggested new methodology, highlighting both their benefits and disadvantages. The proposed methodology is applied with positive results to a collaborative brick-lifter case study.     

基于STAMP的民航进餐推车人因设计

目的 为解决空乘人员因工作负荷大、工作环境颠簸易发生碰撞事故等导致患肌肉骨骼病概率逐年上涨的问题,对民航进餐推车造型设计过程进行研究。方法 确定民航进餐推车系统中的安全约束,构建基于层级模式的民航进餐推车事故风险控制—人因模型;识别控制模型中潜在的不安全控制行为,采用层次分析法对这些行为的综合权重值进行计算并排序;运用虚拟仿真软件进行人因分析与设计优化,得到最优方案。结果 通过民航进餐推车设计实践,验证该方法的可行性与有效性。结论 在民航进餐推车设计过程的前期,引入STAMP模型和人因工程理论,可提升空乘人员在进餐推车服务过程中的安全性与舒适性,为研制符合空乘人员行为方式的新型民航进餐推车提供新的思路。     

Research on Architecture of Risk Assessment System Based on Block Chain

The risk assessment system has been applied to the information security, energy, medical and other industries. Through the risk assessment system, it is possible to quantify the possibility of the impact or loss caused by an event before or after an event, thereby avoiding the risk or reducing the loss. However, the existing risk assessment system architecture is mostly a centralized architecture, which could lead to problems such as data leakage, tampering, and central cheating. Combined with the technology of block chain, which has the characteristics of decentralization, security and credibility, collective maintenance, and untamperability. This paper proposes a new block chain-based risk assessment system architecture and a consensus mechanism algorithm based on DPOS improvement. This architecture uses an improved consensus mechanism to achieve a safe and efficient risk assessment solving the problem of data tampering in the risk assessment process, avoiding data leakage caused by improper data storage. A convenient, safe and fast risk assessment is achieved in conjunction with the improved consensus mechanism. In addition, by comparing existing risk assessment architecture, the advantages and impacts of the new block chain-based risk assessment system architecture are analyzed.     

Development of a hybrid fresh food supply chain risk assessment model

Supply chain managers and scholars recognise the importance of managing supply chain risk, especially in fresh food supply chain due to the perishable nature and short life cycle of products. Supply chain risk management consists of supply chain risk assessment, risk evaluation and formulation and implementation of effective risk response strategies. The commonly adopted qualitative methods such as risk assessment matrix to determine the level of risk have limitations. This paper proposes a hybrid model comprising both fuzzy logic (FL) and hierarchical holographic modelling (HHM) techniques where risk is first identified by the HHM method and then assessed using both qualitative risk assessment model (named risk filtering, ranking and management Framework) and fuzzy-based risk assessment method (named FL approach). The risk assessment results by the two different approaches are compared, and the overall risk level of each risk is calculated using the Root Mean Square calculation before identifying response strategies. This novel approach takes advantage of the benefits of both techniques and offsets their drawbacks in certain aspects. A case study in a fresh food supply chain company has been conducted in order to validate the proposed integrated approach on the feasibility of its functionality in a real environment.     

Assessment of information impacts in power system security against malicious attacks in a general framework

In the analysis of power systems security, recently a new concern related to possible malicious attacks caught much attention. Coordination among different transmission system operators (TSO) in an interconnected power system to counteract such attacks has become an important problem. This paper presents a general framework for describing the physical, cyber and decision-making aspects of the problem and their interrelations; within this framework, an analytic tool for the assessment of information impacts in handling on-line security after a malicious attack is proposed and discussed. The model is based on the socially rational multi-agent systems and the equilibrium of a fictitious play is considered to analyze the impacts of various levels of information available to the interconnected system operators on the outcomes of the decision-making process under attack. A 34-buses test system, with 3 systems interconnected by tie-lines, is presented to illustrate the model and compare the impacts of different information scenarios.     

Comparison of global sensitivity analysis techniques and importance measures in PSA

This paper discusses application and results of global sensitivity analysis techniques to probabilistic safety assessment (PSA) models, and their comparison to importance measures. This comparison allows one to understand whether PSA elements that are important to the risk, as revealed by importance measures, are also important contributors to the model uncertainty, as revealed by global sensitivity analysis. We show that, due to epistemic dependence, uncertainty and global sensitivity analysis of PSA models must be performed at the parameter level. A difficulty arises, since standard codes produce the calculations at the basic event level. We discuss both the indirect comparison through importance measures computed for basic events, and the direct comparison performed using the differential importance measure and the Fussell–Vesely importance at the parameter level. Results are discussed for the large LLOCA sequence of the advanced test reactor PSA.     

A perceptual computing–based method to prioritize intervention actions in the probabilistic risk assessment techniques

Probabilistic risk assessment techniques as the systematic tools have been widely used on the different type of industrial sectors to reduce the estimated risk to an acceptable level. The fact is to design inherently safety; hazards have to be eliminated and reduced in risk as much as possible with the consideration of several interventions. In this regard, multicriteria decision making (MCDM) science is commonly integrated with the probabilistic risk assessment techniques to improve the safety performance of a system. Thus, it has been widely used to assist decision makers in controlling the identified process hazards in a different type of engineering applications. However, by increasing the complexity of industrial sectors as well as human being judgments, typical MCDM methods cannot highly guarantee their output results. According to this point, proposing MCDM methods based on mathematical programming have been interested in scholars due to high reliability and feasibility of the results. In this paper, we extended integration of MULTIMOORA approach with the Choquet integral under subjectivity circumstances to prioritize corrective actions in a typical probabilistic risk assessment technique. To illustrate the efficiency and feasibility of the proposed method, it has been applied in a real case study.     

The application of the Six Sigma concept to port security process quality control

Greater heed has been paid to the matter of maritime security since the tragedy in the U.S.A. on 11 September 2001. A number of measures have been put into practice by ports to enhance security. More regulations and measures sometimes imply an increased probability of influencing port operations. Thus, the quality of the port security process regulated by measures is becoming essential. In this paper, the quality control in the port security process is demonstrated using the Six Sigma concept. It is concluded that it is crucial to distinguish each step of a security process clearly from the outset, furthermore, gathering quantitative data at each stage is the first priority. Copyright © 2007 John Wiley & Sons, Ltd.     

Using quantitative risk assessment in the chemical process industry

Growing concern about the risk of major chemical accidents in the USA has led both government and industry to find new ways to identify and evaluate potential hazards. Among the most promising (and misunderstood) approaches is a collection of techniques called quantitative risk assessment (QRA). Adapted primarily from probabilistic risk assessment approaches developed in other industries, the use of QRA is spreading rapidly through the US chemical industry. Of equal importance, legislators and regulatory agencies at the state and federal level are embracing QRA as part of their proposals for mandatory accident prevention measures.The Chemical Manufactures Association (CMA) and its member companies recognized the need to provide management personnel with a guide to QRA. Chemical process industry (CPI) managers need criteria for determining when risk assessment will provide information that will aid their decision making. Executives need help in understanding and evaluating QRA results that are often inscrutable to nonexperts, and CPI managers need advice concerning how detailed an analysis must be if it is to provide adequate information for a specific decision.JBF Associates, Inc., assisted by the Process Safety Analysis Task Group of CMA, prepared A Manager's Guide to Quantitative Risk Assessment (Arendt, J.S. et al., CMA, 1989). This paper gives an overview of the Guide and discusses important implications concerning the increasing acceptance of QRA as a chemical regulatory tool.